Bobcares

Edit firewall for a DigitalOcean droplet like a pro

by | Nov 21, 2021

Edit firewall for a DigitalOcean droplet like a pro with help from Bobcares.

At Bobcares, we offer solutions to queries as a part of our Server Management Service.

Let’s take a look at this guide by our Support Techs to edit a firewall for a droplet.

How to edit firewall for a DigitalOcean droplet

DigitalOcean Cloud Firewalls can be described as a network-based, firewall service for Droplets. Furthermore, it comes at no additional cost. Additionally, Cloud firewalls also block traffic that is not permitted by a rule.

According to our Support Techs, inbound firewall rules define the traffic that is allowed on the server, from which sources, and on which ports. In case inbound rules are not configured, incoming traffic does not have permission.

Outbound rules are related to traffic permitted to leave the server, to which destinations as well as on which ports. In case outbound rules are not configured, outbound traffic is permitted.

In order to manage the firewall’s rules, we have to go to the Firewalls section in Networking. Once we click the name of the firewall, we will see Rules tab. This allows us to Create new rules and Edit or delete existing rules.

How to edit firewall for a DigitalOcean droplet: Create new rules

We can create new outbound and inbound rules by going to either Inbound Rules or Outbound Rules and opening the New rule.

According to our Support Engineers, we can define firewall rules only to restrict traffic to and from ports based on sources, connection types as well as destinations. Moreover, we cannot define rules to restrict traffic based on HTTP headers like User-Agent. Content-Type or X-Forwarded-For.

Furthermore, there are various common protocols that fill up the Port Range and Protocol fields automatically. For instance, if we select HTTP, the Port Name and Protocol will automatically be port 80 and TCP respectively as seen below:

Edit firewall for a DigitalOcean droplet: Inbound rules

In case any of the services are listening on a non-standard port, we can create a new custom rule to configure it.

How to edit firewall for a DigitalOcean droplet: Custom rules

In order to add a custom rule, we will select Custom. This allows us to define the port range, protocol as well as source or destination.

  • Protocol:
    We can choose either UDP or TCP. Since ICMP does not have port abstraction, we have to select it directly in the New rule to allow ICMP traffic.
  • Port Range:
    For UDP and TCP protocols, we will specify the following:

    • All ports: by leaving the field blank.
    • Range of ports: by entering the ending & starting ports separated by a dash. We can create a separate rule for each in order to open multiple non-sequential ports.
    • A single port
  • Sources:
    For inbound rules, sources allow us to restrict the source of incoming connections as seen below:

    • Resources or tags: by entering the name of the tag or resource. This includes VPCs, Droplets. Kubernetes clusters, load balancers, resource tags, and Ipv4/Ipv6 addresses.
    • IP addresses or IP ranges: by entering a CIDR or individual IP addresses.
    • Types of IP address: by choosing All IPv6 or All Ipv4 in the sources field. In fact, this allows all IP addresses of a certain type to connect to the Droplet.
  • Destinations: for outbound rules, it allows us to restrict outgoing connections’ destinations. We can also limit the sources or destinations to:
    • Load Balancers, DigitalOcean selected by name, IP address, or tag
    • Droplets, selected by name, IP address, or tag
    • DigitalOcean Kubernetes clusters, selected by name, or tag
    • Non-DigitalOcean servers by subnets, CIDR ranges, or IP addresses

How to edit firewall for a DigitalOcean droplet: Edit or Delete rules

We can edit or delete a rule via the More menu seen below:

Edit firewall for a DigitalOcean droplet: Edit or Delete rules

In other words, we can opt for Edit Rule or Delete Rule respectively. Furthermore, the rule gets deleted immediately without any additional prompt when we choose Delete Rule.

[Need assistance with another query? We are here to lend a hand.]

Conclusion

In brief, we learned how to configure firewall rules for a DigitalOcean droplet under the guidance of the skilled Support Engineers at Bobcares.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF